CVE-2009-3980
https://notcve.org/view.php?id=CVE-2009-3980
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox v3.5.x antes de v3.5.6, SeaMonkey antes de v2.0.1 y Thunderbird permiten a atacantes remotos provocar una denegación de servicio (por corrupción de la memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://secunia.com/advisories/37699 http://secunia.com/advisories/37785 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://securitytracker.com/id?1023333 http://securitytracker.com/id?1023334 http://www.mozilla.org/security/announce/2009/mfsa2009-65.html http://www.novell.com/linux/security/advisories/2009_63_firefox.html http://www.securityfocus.com/bid/37349 http://www.securityfocus.com/bid/37362 http://www.ubuntu.com/usn/USN-874-1 http:/& • CWE-399: Resource Management Errors •
CVE-2009-3982
https://notcve.org/view.php?id=CVE-2009-3982
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor JavaScript en Mozilla Firefox v3.5.x antes de v3.5.6, SeaMonkey antes de v2.0.1 y Thunderbird permite a atacantes remotos provocar una denegación de servicio (mediante corrupción de memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://secunia.com/advisories/37699 http://secunia.com/advisories/37783 http://secunia.com/advisories/37785 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://securitytracker.com/id?1023333 http://securitytracker.com/id?1023334 http://www.mozilla.org/security/announce/2009/mfsa2009-65.html http://www.novell.com/linux/security/advisories/2009_63_firefox.html http://www.securityfocus.com/bid/37349 http://www.securityfocus.com/bid/37364 http://www. •
CVE-2009-3983 – Mozilla NTLM reflection vulnerability
https://notcve.org/view.php?id=CVE-2009-3983
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user. Mozilla Firefox en versiones anteriores a v3.0.16 y v3.5.x antes de v3.5.6, y SeaMonkey antes de v2.0.1, permite enviar solicitudes autenticadas a aplicaciones arbitrarias a atacantes remotos respondiendo a las credenciales NTLM de un usuario del navegador. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/37699 http://secunia.com/advisories/37703 http://secunia.com/advisories/37704 http://secunia.com/advisories/37785 http://secunia.com/advisories/37813 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 http://securitytracker.com/id?1023340 http://securitytracker.com/id?1023341 http:/ •
CVE-2009-3981 – Mozilla crashes with evidence of memory corruption
https://notcve.org/view.php?id=CVE-2009-3981
Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox antes de v3.0.16, SeaMonkey antes de v2.0.1 y Thunderbird permite a atacantes remotos provocar una denegación de servicio (mediante corrupción de la memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://secunia.com/advisories/37699 http://secunia.com/advisories/37704 http://secunia.com/advisories/37785 http://secunia.com/advisories/37813 http://secunia.com/advisories/37881 http://securitytracker.com/id?1023333 http://securitytracker.com/id?1023334 http://www.debian.org/security/2009/dsa-1956 http://www.mozilla.org/security/announce/2009/mfsa2009-65.html http://www.novell.com/linux/security/advisories/2009_63_firefox.html http://www.securityfocus.com/bid/37349 http: •
CVE-2009-3984 – Mozilla SSL spoofing with document.location and empty SSL response page
https://notcve.org/view.php?id=CVE-2009-3984
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body. Mozilla Firefox en versiones anteriores a v3.0.16 y v3.5.x antes de v3.5.6, y SeaMonkey antes de v2.0.1, permite a atacantes remotos suplantar un indicador de SSL para una URL o fichero HTTP URL estableciendo el valor de document.location a una URL https correspondiente a un sitio que responde con un código de estado "No Content" (Código 204) y un cuerpo vacío. • http://secunia.com/advisories/37699 http://secunia.com/advisories/37703 http://secunia.com/advisories/37704 http://secunia.com/advisories/37785 http://secunia.com/advisories/37813 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://securitytracker.com/id?1023342 http://securitytracker.com/id?1023343 http://www.debian.org/security/2009/dsa-1956 http://www.mozilla.org/security/announce/2009/mfsa2009-69.html http://www.novell.com/linux/security/advis •